News

February 23, 2016

Area(s) of Interest:

The U.S. Department of Health and Human Services (HHS) has released two new fact sheets and an accompanying blog series that clarify what health information can be disclosed without a patient's written authorization under the Health Information Portability and Accountability Act (HIPAA).

According to the HHS Office of the National Coordinator for Health IT (ONC), it often hears complaints that HIPAA makes it difficult, if not impossible, to move electronic health data when and where it is needed for patient care and health. What many people don’t realize is that HIPAA not only protects personal health information from misuse, but also enables that personal health information to be accessed, used or disclosed interoperably, when and where it is needed for patient care.

This blog series and fact sheets aim to correct this misunderstanding so that health information is more often available when and where it is needed. They give numerous examples of when electronic health information can be exchanged without first requiring an authorization from the patient, so long as other protections or conditions are met.